Converted PROPFIND to new request object.

inc/CalDAVRequest.php

@@ -114,11 +114,14 @@ class CalDAVRequest
     * If the content we are receiving is XML then we parse it here.
     */
     $xml_parser = xml_parser_create_ns('UTF-8');
-    $xml_tags = array();
+    $this->xml_tags = array();
     xml_parser_set_option ( $xml_parser, XML_OPTION_SKIP_WHITE, 1 );
-    xml_parse_into_struct( $xml_parser, $raw_post, $xml_tags );
+    xml_parse_into_struct( $xml_parser, $this->raw_post, $this->xml_tags );
     xml_parser_free($xml_parser);
 
+    /**
+    * Look out for If-None-Match or If-Match headers
+    */
     if ( isset($_SERVER["HTTP_IF_NONE_MATCH"]) ) {
       $this->etag_none_match = str_replace('"','',$_SERVER["HTTP_IF_NONE_MATCH"]);
       if ( $this->etag_none_match == '' ) unset($this->etag_none_match);
@@ -139,7 +142,7 @@ class CalDAVRequest
     if ( isset($this->permissions['all']) ) return true;
     switch( $activity ) {
       case 'read':
-        return isset($this->permissions['read']);
+        return isset($this->permissions['read']) || isset($this->permissions['write']);
         break;
       case 'write':
         return isset($this->permissions['write']);
@@ -226,6 +229,17 @@ class CalDAVRequest
 
     exit(0);
   }
+
+
+  /**
+  * Return an array of what the DAV privileges are that are supported
+  *
+  * @return array The supported privileges.
+  */
+  function SupportedPrivileges() {
+    $privs = array( "all"=>1, "read"=>1, "write"=>1, "bind"=>1, "unbind"=>1, "write-content"=>1);
+    return $privs;
+  }
 }
 
 ?>

inc/caldav-PROPFIND.php

@@ -10,15 +10,10 @@
 */
 dbg_error_log("PROPFIND", "method handler");
 
-if ( ! isset($permissions['read']) ) {
-  header("HTTP/1.1 403 Forbidden");
-  header("Content-type: text/plain");
-  echo "You may not access that calendar.";
-  dbg_error_log("GET", "Access denied for User: %d, Path: %s", $session->user_no, $request_path);
-  return;
+if ( ! $request->AllowedTo('read') ) {
+  $request->DoResponse( 403, translate("You may not access that calendar") );
 }
 
-
 require_once("XMLElement.php");
 require_once("iCalendar.php");
 
@@ -26,9 +21,10 @@ $href_list = array();
 $attribute_list = array();
 $unsupported = array();
 
-foreach( $xml_tags AS $k => $v ) {
+foreach( $request->xml_tags AS $k => $v ) {
 
   $tag = $v['tag'];
+  dbg_error_log( "PROPFIND", " Handling Tag '%s' => '%s' ", $k, $v );
   switch ( $tag ) {
     case 'DAV::PROPFIND':
     case 'DAV::PROP':
@@ -74,7 +70,7 @@ foreach( $xml_tags AS $k => $v ) {
 function privileges($privilege_names, $container="privilege") {
   $privileges = array();
   foreach( $privilege_names AS $k => $v ) {
-    $privileges[] = new XMLElement($container, new XMLElement($v));
+    $privileges[] = new XMLElement($container, new XMLElement($k));
   }
   return $privileges;
 }
@@ -83,7 +79,7 @@ function privileges($privilege_names, $container="privilege") {
 * Returns an XML sub-tree for a single collection record from the DB
 */
 function collection_to_xml( $collection ) {
-  global $attribute_list, $session, $c;
+  global $attribute_list, $session, $c, $request;
 
   dbg_error_log("PROPFIND","Building XML Response for collection '%s'", $collection->dav_name );
 
@@ -119,7 +115,7 @@ function collection_to_xml( $collection ) {
     $prop->NewElement("getetag", '"'.$collection->dav_etag.'"' );
   }
   if ( isset($attribute_list['CURRENT-USER-PRIVILEGE-SET']) ) {
-    $prop->NewElement("current-user-privilege-set", privileges($GLOBALS['permissions']) );
+    $prop->NewElement("current-user-privilege-set", privileges($request->permissions) );
   }
   if ( isset($attribute_list['ACL']) ) {
     /**
@@ -127,15 +123,11 @@ function collection_to_xml( $collection ) {
     */
     $principal = new XMLElement("principal");
     $principal->NewElement("authenticated");
-    $grant = new XMLElement( "grant", array(privileges($GLOBALS['permissions'])) );
+    $grant = new XMLElement( "grant", array(privileges($request->permissions)) );
     $prop->NewElement("acl", new XMLElement( "ace", array( $principal, $grant ) ) );
   }
   if ( isset($attribute_list['SUPPORTED-PRIVILEGE-SET']) ) {
-    /**
-    * FIXME: This information is semantically valid and is correct, but could be extended
-    * if we allow clients such as Mulberry to manipulate these values.
-    */
-    $prop->NewElement("supported-privilege-set", privileges(array("read","write"), "supported-privilege") );
+    $prop->NewElement("supported-privilege-set", privileges( $request->SupportedPrivileges(), "supported-privilege") );
   }
   $status = new XMLElement("status", "HTTP/1.1 200 OK" );
 
@@ -152,7 +144,7 @@ function collection_to_xml( $collection ) {
 * Return XML for a single data item from the DB
 */
 function item_to_xml( $item ) {
-  global $attribute_list, $session, $c;
+  global $attribute_list, $session, $c, $request;
 
   dbg_error_log("PROPFIND","Building XML Response for item '%s'", $item->dav_name );
 
@@ -178,7 +170,7 @@ function item_to_xml( $item ) {
     $prop->NewElement("getetag", '"'.$item->dav_etag.'"' );
   }
   if ( isset($attribute_list['CURRENT-USER-PRIVILEGE-SET']) ) {
-    $prop->NewElement("current-user-privilege-set", privileges($GLOBALS['permissions']) );
+    $prop->NewElement("current-user-privilege-set", privileges($request->permissions) );
   }
   $status = new XMLElement("status", "HTTP/1.1 200 OK" );
 
@@ -212,7 +204,7 @@ function get_collection_contents( $depth, $user_no, $collection ) {
     if ( $collection->dav_name == '/' ) {
       $sql = "SELECT user_no, user_no, '/' || username || '/' AS dav_name, md5( '/' || username || '/') AS dav_etag, ";
       $sql .= "updated AS created, to_char(updated at time zone 'GMT',?) AS modified, fullname AS dav_displayname, FALSE AS is_calendar FROM usr ";
-      $sql .= "WHERE get_permissions($session->user_no,user_no) ~ 'R';";
+      $sql .= "WHERE get_permissions($session->user_no,user_no) ~ '[RAW]';";
     }
     else {
       $sql = "SELECT user_no, dav_name, dav_etag, created, to_char(modified at time zone 'GMT',?), dav_displayname, is_calendar FROM collection WHERE parent_container=".qpg($collection->dav_name);
@@ -290,14 +282,9 @@ function get_collection( $depth, $user_no, $collection_path ) {
 
 
 if ( count($unsupported) > 0 ) {
-
   /**
   * That's a *BAD* request!
   */
-
-  header('HTTP/1.1 403 Forbidden');
-  header('Content-Type: application/xml; charset="utf-8"');
-
   $badprops = new XMLElement( "prop" );
   foreach( $unsupported AS $k => $v ) {
     // Not supported at this point...
@@ -305,41 +292,31 @@ if ( count($unsupported) > 0 ) {
     $badprops->NewElement(strtolower($k),false,array("xmlns" => strtolower($v)));
   }
   $error = new XMLElement("error", new XMLElement( "propfind",$badprops), array("xmlns" => "DAV:") );
-//   dbg_log_array( "PROPFIND", "ERRORXML", $error, true );
 
-  echo $error->Render(0,'<?xml version="1.0" ?>');
-  exit(0);
+  $request->DoResponse( 403, $error->Render(0,'<?xml version="1.0" ?>'), 'text/xml; charset="utf-8"');
 }
-elseif ( isset($permissions['read']) || isset($permissions['write']) ) {
+elseif ( $request->AllowedTo('read') ) {
 
   /**
   * Something that we can handle, at least roughly correctly.
   */
-  $url = sprintf("http://%s:%d%s%s", $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], $_SERVER['SCRIPT_NAME'], $request_path );
-  $url = $_SERVER['SCRIPT_NAME'] . $request_path ;
+  $url = sprintf("http://%s:%d%s%s", $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], $_SERVER['SCRIPT_NAME'], $request->path );
+  $url = $_SERVER['SCRIPT_NAME'] . $request->path ;
   $url = preg_replace( '#/$#', '', $url);
 
-  $responses = get_collection( $query_depth, (isset($path_user_no) ? $path_user_no : $session->user_no), $request_path );
+  $responses = get_collection( $request->depth, (isset($request->user_no) ? $request->user_no : $session->user_no), $request->path );
 
   $multistatus = new XMLElement( "multistatus", $responses, array('xmlns'=>'DAV:') );
 }
 else {
-  header('HTTP/1.1 403 Forbidden');
-  header('Content-Type: text/plain');
-  echo "You do not have appropriate rights to view that resource\n";
-  dbg_log_array("caldav","PERMISSIONS", $permissions, true );
+  $request->DoResponse( 403, translate("You do not have appropriate rights to view that resource.") );
   exit(0);
 }
 
 // dbg_log_array( "PROPFIND", "XML", $multistatus, true );
-$xmldoc = $multistatus->Render();
+$xmldoc = '<?xml version="1.0" encoding="UTF-8" ?>'."\n" . $multistatus->Render();
 $etag = md5($xmldoc);
-
-header("HTTP/1.1 207 Multi-Status");
-header("Content-type: text/xml;charset=UTF-8");
 header("ETag: \"$etag\"");
-
-echo'<?xml version="1.0" encoding="UTF-8" ?>'."\n";
-echo $xmldoc;
+$request->DoResponse( 207, $xmldoc, 'text/xml; charset="utf-8"' );
 
 ?>

testing/tests/regression-suite/002-Mulberry-1.result

@@ -1,9 +1,9 @@
 HTTP/1.1 207 Multi-Status
 Date: Dow, 01 Jan 2000 00:00:00 GMT
 Server: Apache/2.2.3 (Debian) DAV/2
-ETag: "c6f452525856be90cb2193abb6151a59"
+ETag: "babe83e6862fa165ee05cc53ef149e02"
 Content-Length: 1790
-Content-Type: text/xml;charset=UTF-8
+Content-Type: text/xml; charset="utf-8"
 
 <?xml version="1.0" encoding="UTF-8" ?>
 <multistatus xmlns="DAV:">

testing/tests/regression-suite/003-Mulberry-1.result

@@ -1,9 +1,9 @@
 HTTP/1.1 207 Multi-Status
 Date: Dow, 01 Jan 2000 00:00:00 GMT
 Server: Apache/2.2.3 (Debian) DAV/2
-ETag: "137b55c4b6461331a0d3e7b89d5b71b0"
+ETag: "5050c853fe31c4f40fe0cefb3bb4d9aa"
 Content-Length: 365
-Content-Type: text/xml;charset=UTF-8
+Content-Type: text/xml; charset="utf-8"
 
 <?xml version="1.0" encoding="UTF-8" ?>
 <multistatus xmlns="DAV:">